Comments (13)
@malohtie - it's unclear what change 3.0.36 introduced that would be causing that behavior. If you want the issue actually fixed you'll need to provide more information. For a start, SSH logs. eg. do
define('NET_SSH2_LOGGING', 2);
at the top andecho $ssh->getLog();
.Thank you.
i m unable to get any logs the exception No data received from server
keep raising
Actually, I wonder if c948a9a maybe is causing this issue.
As discussed in #1977 (comment) the change caused no issues in my own tests nor did it cause any issues in the unit tests but it's ultimately fairly difficult to determine the ultimate impact of that change. Quoting my comment in that post:
incorporating this change could be a boon to people (such as yourself) currently having issues but it could also break things for other people (like I said, the consequences are hard to predict).
To test all you need do is this:
# #-----[ OPEN ]------------------------------------------ # Net/SSH2.php # #-----[ FIND ]------------------------------------------ # stream_set_timeout($this->fsock, $sec, $usec); $raw = stream_get_contents($this->fsock, $this->decrypt_block_size); # #-----[ REPLACE WITH ]---------------------------------- # //stream_set_timeout($this->fsock, $sec, $usec); $raw = stream_get_contents($this->fsock, $this->decrypt_block_size);
Yes commenting this line solve this issue.
After some digging we see that we define sftp class with 0 timeout to keep things running
$sftp = new SFTP($server->ip, $server->port, 0);
and with this current change
$sec = (int) floor($this->curTimeout);
$usec = (int) (1000000 * ($this->curTimeout - $sec));
stream_set_timeout($this->fsock, $sec, $usec);
it will always timeout
from phpseclib.
@malohtie when I posted this, I got the same issue and saw we passed 0 as timeout as well, but I assumed it was an error on our side.
I see you got this all figured out, I'll give it a try.
from phpseclib.
3.0.37 has been released.
Thanks!
from phpseclib.
How did that change break your code?
Ultimately, when you get right down to it, even bug fixes can be potentially breaking changes. 3.0.36 also added some guardrails to isPrime
and what not but how do I know that someone isn't legit trying to use phpseclib to verify the primality of a number with 16K bits? Previously that'd "work" but, depending on what extensions you have installed, it might take a tooon of time. Like if you set the timeout to 0 and were doing it from the CLI PHP would happily run for 30m if you let it. And who's to say that someone isn't doing that?
https://xkcd.com/1172/ nicely illustrates this.
https://phpseclib.com/docs/versioning talks about my versioning philosophy.
Great work by the way!
Thanks :)
from phpseclib.
I extend the SSH2 class, we do some stuff in our own isConnected methods (retry, dispose connection if not used for a while, etc) so suddenly our class wasn't compatible anymore as the signature was different. We only implemented that Thursday last week, before then, nothing would have happened. So if you would be so kind as to stop looking at what mess we develop, to then break things, go find your fun elsewhere 😄.
Jokes aside, it was really a non-issue, just wondering if there was any logic in the numbering, I should have looked further on your site to find your versioning info, makes perfect sense.
from phpseclib.
Well extending phpseclib is certainly a valid use case. Carbon does that to \DateTime, for example. If I didn't consider that to be a valid use case then I ought to make the class a final
class.
Altho I guess that could mean that my changing of openChannel
to open_channel
in 792314e could be a BC breaking change, too, as that method is protected and not private (SFTP.php makes use of that method).
🤷♂️ It's a use case I prob ought to try to consider more often. I don't want to be paralyzed to the point where every seemingly small change is a BC break but I'd just assume not break things for people either.
from phpseclib.
this change broke our code too we keep getting this exception No data received from server
we rolled back to 3.0.35 as temporary solution, and everything start to work as expected.
from phpseclib.
@malohtie - it's unclear what change 3.0.36 introduced that would be causing that behavior. If you want the issue actually fixed you'll need to provide more information. For a start, SSH logs. eg. do define('NET_SSH2_LOGGING', 2);
at the top and echo $ssh->getLog();
.
Thank you.
from phpseclib.
Actually, I wonder if c948a9a maybe is causing this issue.
As discussed in #1977 (comment) the change caused no issues in my own tests nor did it cause any issues in the unit tests but it's ultimately fairly difficult to determine the ultimate impact of that change. Quoting my comment in that post:
incorporating this change could be a boon to people (such as yourself) currently having issues but it could also break things for other people (like I said, the consequences are hard to predict).
To test all you need do is this:
#
#-----[ OPEN ]------------------------------------------
#
Net/SSH2.php
#
#-----[ FIND ]------------------------------------------
#
stream_set_timeout($this->fsock, $sec, $usec);
$raw = stream_get_contents($this->fsock, $this->decrypt_block_size);
#
#-----[ REPLACE WITH ]----------------------------------
#
//stream_set_timeout($this->fsock, $sec, $usec);
$raw = stream_get_contents($this->fsock, $this->decrypt_block_size);
from phpseclib.
@malohtie - good catch.
I just got to the office for my day job so I won't be able to fix this for ~8h or so but I'll implement a fix when I get home.
Thanks!
from phpseclib.
No worries! Take your time, and we appreciate your commitment!
Thanks again.
from phpseclib.
@malohtie - c20dd78 should fix this!
LMK if that works for you and if so I can do a new release this weekend!
from phpseclib.
it will absolutely work with the if statement.
thanks
from phpseclib.
Related Issues (20)
- Does CVE-2023-49316 affect v2? HOT 6
- Documentation Missing? HOT 2
- CMAC-AES not available HOT 2
- At least one byte needs to be present for successful C / b decodes HOT 9
- Undefined variable $name in function addFileFormat HOT 2
- CVE-2023-48795 - Terrapin Vulnerability HOT 3
- Unintended change causes lint failing in dependent packages with latest v3.0.35 HOT 1
- Notice: Trying to access array offset on value of type bool in /src/vendor/phpseclib/phpseclib/phpseclib/Net/SFTP.php on line 2132 HOT 1
- a HOT 1
- Server Terminates Connection HOT 8
- add ssh3 support for faster connection HOT 1
- Using OpenSSH private key results in openssl_sign() - supplied key param cannot be coerced into a private key HOT 4
- `SFTP::put()` fails silently with no provided error information if path does not exist HOT 5
- ElGamal ECC encryption HOT 1
- Parse error: syntax error, unexpected 'const' (T_CONST), expecting variable (T_VARIABLE) HOT 5
- Issue with isConnected/isAuthenticated after remote terminal restart HOT 5
- openssl_x509_check_private_key always return cert and privatekey mismatch HOT 2
- SSH2 exec crashes while returning data & "Please close the channel (1) before trying to open it again" HOT 9
- Add setPaddable func at the SymmetricKey class? HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from phpseclib.